
Best Metasploit exploit/payload for windows XP sp2/3

Hello all,

I was just wondering what the best exploit and payload would be for getting a command shell on a Windows XP SP2/SP3 machine. The XP machine would be assumed to be current with updates...
I find it quite a challenge, as every attempt I have tried returned with no session...

If you're attacking the OS directly and it's fully patched (e.g. MS08-067), you will have no luck. You will have to look at either attacking installed applications (FTP, SMTP, etc.) or look into a client-side attack.

OK, say I rigged my VM of Windows XP so that it has been fully patched, but oops, I forgot to close ports 21 and 80. Could these be "metasploited"?

Well, what is running on port 21? You need the name of the service and the version number. Same with port 80. Then you hit Google and try to find a vulnerability. So the short answer is no. This stuff takes tons of time, research, poring over boring code and caffeine.
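The step that reply describes, identifying the service name and version on ports 21 and 80 before you go looking for a vulnerability, is what a banner grab does. The script below is an added example and not code from this thread or from Metasploit: it opens a TCP connection, reads the FTP 220 greeting or the HTTP `Server:` header, and parses out product and version. The sample banners embedded in it are constructed so the parser can be exercised offline; the host name `192.0.2.10` used in the usage comment is a documentation address, not a real target.

```python
import re
import socket

# Constructed sample banners (not captured from any real host) used to
# exercise the parsers offline. Real banners look much like these.
SAMPLE_FTP_BANNER = b"220 (vsFTPd 2.3.4)\r\n"
SAMPLE_HTTP_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
    b"Server: Apache/2.2.8 (Win32) PHP/5.2.6\r\n"
    b"Content-Type: text/html\r\n\r\n"
)


def parse_ftp_banner(banner: bytes) -> dict:
    """Extract product and version from an FTP '220 ...' greeting.

    Returns a dict with service/product/version/raw; version is None when
    the server does not advertise one (e.g. '220 Microsoft FTP Service').
    """
    text = banner.decode("latin-1", "replace").strip()
    if not text.startswith("220"):
        return {"service": "ftp", "product": None, "version": None, "raw": text}
    body = text[3:].strip(" -()")
    m = re.search(r"(?P<product>[A-Za-z][\w\-.]*)\s+v?(?P<version>\d+(?:\.\d+)+)", body)
    if m:
        return {"service": "ftp", "product": m.group("product"),
                "version": m.group("version"), "raw": text}
    return {"service": "ftp", "product": body or None, "version": None, "raw": text}


def parse_http_server_header(response: bytes) -> dict:
    """Extract product and version from the Server: header of an HTTP reply."""
    text = response.decode("latin-1", "replace")
    head = text.split("\r\n\r\n", 1)[0]
    for line in head.split("\r\n")[1:]:          # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "server":
            value = value.strip()
            m = re.match(r"(?P<product>[^/\s]+)/(?P<version>[\w.]+)", value)
            return {"service": "http",
                    "product": m.group("product") if m else value,
                    "version": m.group("version") if m else None,
                    "raw": value}
    return {"service": "http", "product": None, "version": None, "raw": None}


def grab_banner(host: str, port: int, probe: bytes = b"", timeout: float = 3.0) -> bytes:
    """Connect, optionally send a probe, and return whatever the service says first."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        if probe:
            s.sendall(probe)
        return s.recv(1024)


def fingerprint(host: str, port: int) -> dict:
    """Live banner grab for the two ports discussed in the thread (21 and 80)."""
    if port == 21:
        return parse_ftp_banner(grab_banner(host, port))   # FTP speaks first
    if port == 80:
        probe = b"HEAD / HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n"
        return parse_http_server_header(grab_banner(host, port, probe))
    raise ValueError("no probe defined for port %d" % port)


if __name__ == "__main__":
    # Offline demonstration on the constructed samples.
    print(parse_ftp_banner(SAMPLE_FTP_BANNER))
    print(parse_http_server_header(SAMPLE_HTTP_RESPONSE))
    # Against a lab VM you would call, e.g.: fingerprint("192.0.2.10", 21)
```

The product/version pair is what you then feed into a search (vendor advisories, the Metasploit module list) to decide whether a module even exists; a banner can be edited or suppressed by the administrator, so treat it as a lead, not proof.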


OK, I'm in a good mood, so I'll spoon-feed.

IT/Security 101.....

An exploit takes advantage of a weakness (also known as a vulnerability), patches correct vulnerabilities.

If a vulnerability exists within the service running/listening on a particular port (21 or 80), then yes, it can be exploited, assuming a) it's a brand new vulnerability that you've discovered (for which there is no patch [yet]) or b) it's an old vulnerability which has not had the corresponding and correcting patch applied.

I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

The best way to exploit a fully patched Windows XP is to create a payload with Metasploit, then attach that payload using your friendly Microsoft IExpress to a nice little fun game you download off the web. Send and execute it on your test VM. When you run the game and close it, the Metasploit payload will be executed.

OR!! You can use browser exploits: you can use Metasploit to act as a website, just browse to your machine and, hopefully, pop, you get a command shell. If you've got wireless, check out Karmetasploit.